
Rapid7 InsightVM Cloud

Integrating with Rapid7 InsightVM Cloud – Full Guide

Updated over 2 weeks ago

Walk through the Hyver "Rapid7 InsightVM Cloud" integration to import assets and findings and strengthen cyber risk insights.

1. Introduction

Rapid7 InsightVM Cloud supports both the cloud instance and Rapid7 InsightVM On-prem managed as SaaS with the cloud sync option.

Rapid7 InsightVM Cloud combines the power of Nexpose vulnerability research, Metasploit exploit insights, global attacker intelligence, internet-wide scanning, exposure analytics, and real-time reporting — all in one platform.

By integrating InsightVM with Hyver, you can seamlessly bring in assets and their associated findings, helping you connect vulnerability data directly to business impact and remediation priorities. The ingested data is aggregated into prioritized aggregated findings with remediation assets, and it affects the Exposure and Maturity metrics based on your business context.


2. Prerequisites

To integrate with Hyver, you need an account in Rapid7 InsightVM On-prem with cloud sync or an account in Rapid7 InsightVM Cloud.

You need to be an Admin user in Hyver and an Admin user in Rapid7.


3. Rapid7 Configuration

Before setting up the integration, make sure you have the following in place:

  • API key: use an admin user to generate a new API key with one of the following permission options:

    • One option is to use an Organizational API key.

    • The second option is to use a User API key with Platform Administrator permissions, which are required to use the bulk export API (enable this option in User Management → Users → Platform Administrator Privileges).

    • Note: If a user without Platform Administrator privileges attempts to generate an API key, the request will return a 403 Forbidden response.


4. Configuring in Hyver

Create the Integration

In Hyver, go to Settings > Integrations and select the Rapid7 InsightVM Cloud tile (you must be a Hyver administrator).

  1. Click Add.

  2. Enter a name for the integration.

  3. Enter your Rapid7 InsightVM Cloud API Key.

  4. Enter the Rapid7 InsightVM Cloud Region: the region code for the customer's region, as it appears in the customer's Rapid7 URL (for example, ‘us2’).

  5. Click Verify Connection to confirm the details match the expected format.
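A pre-flight check for the region code and API key before they are entered in Hyver, as an added example that is not Hyver's or Rapid7's own code. It assumes the Rapid7 Insight Platform key-validation endpoint (`https://<region>.api.insight.rapid7.com/validate` with the `X-Api-Key` header) and a region list current at the time of writing; the script name, function names and sample URLs are constructed for illustration.

```python
"""Pre-flight check for the Rapid7 region code and API key (added example)."""
import os
import sys
import urllib.error
import urllib.request
from urllib.parse import urlparse

# Assumption: Insight Platform region codes known at the time of writing.
KNOWN_REGIONS = {"us", "us2", "us3", "eu", "ca", "au", "ap"}


def region_from_url(console_url: str) -> str:
    """Return the region code (first host label) of a Rapid7 Insight URL."""
    host = (urlparse(console_url).hostname or "").lower()
    if not host.endswith(".insight.rapid7.com"):
        raise ValueError(f"not a Rapid7 Insight host: {host!r}")
    region = host.split(".")[0]
    if region not in KNOWN_REGIONS:
        raise ValueError(f"unrecognised region code: {region!r}")
    return region


def validate_endpoint(region: str) -> str:
    """Build the validation URL; the allow-list keeps the key off other hosts."""
    if region not in KNOWN_REGIONS:
        raise ValueError(f"unrecognised region code: {region!r}")
    return f"https://{region}.api.insight.rapid7.com/validate"


def interpret_status(status: int) -> str:
    """Map the HTTP status of the validation call to an operator-facing verdict."""
    return {
        200: "ok: key accepted in this region",
        401: "rejected: key not valid for this region",
        403: "forbidden: key lacks the required privileges",
    }.get(status, f"unexpected HTTP {status}")


def check_key(region: str, api_key: str) -> str:
    """Send the key only to the allow-listed Rapid7 host and report the verdict."""
    req = urllib.request.Request(validate_endpoint(region),
                                 headers={"X-Api-Key": api_key})
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return interpret_status(resp.status)
    except urllib.error.HTTPError as err:
        return interpret_status(err.code)


if __name__ == "__main__":
    # Usage: R7_API_KEY=... python preflight.py <Rapid7 URL> (key stays out of argv)
    print(check_key(region_from_url(sys.argv[1]), os.environ["R7_API_KEY"]))
```

Reading the key from the environment keeps it out of shell history and process listings, and the host allow-list means a mistyped or look-alike URL fails before the key is ever sent.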


5. Viewing Results

Viewing Assets in Hyver

Once the integration is complete, Hyver automatically creates a new technology asset (same as Rapid7 InsightVM On-prem) with the following details:

  • Asset type: VM (Vulnerability Management)

  • Technology name: Rapid7

  • Engagement: Integration with external tools

This technology asset is automatically mapped to the NIST Cybersecurity Framework (CSF). In Hyver, technologies are treated as assets (such as security tools) that can strengthen the maturity level of specific NIST subcategories, and they are included in the overall maturity calculation.

Rapid7 Findings in Hyver

With the integration in place, you can now see all of Rapid7’s findings directly inside Hyver:

  • Findings page: All imported findings are categorized, giving you a clear overview.

  • Sources filter: Quickly locate findings specifically coming from Rapid7 Cloud.

  • Remediation Assets: See which vulnerabilities are linked to each asset, making it easy to understand what’s affected.


6. Collected Endpoints

Collected endpoints are the specific data sources Hyver pulls from Rapid7 InsightVM Cloud to bring in relevant assets and findings. These endpoints define what information is synchronized into Hyver and made available for analysis.

For the Rapid7 InsightVM Cloud integration, Hyver reads from the following reports:

  • Assets – the inventory of all systems and devices tracked in InsightVM.

  • Assets vulnerabilities – the list of vulnerabilities identified on those assets.

By collecting this data, Hyver can map InsightVM findings to business risk, correlate vulnerabilities with assets, and help prioritize remediation.

Types of Fetched Entities from Rapid7 to Hyver

Hyver ingests and processes a wide range of findings from Rapid7 InsightVM Cloud. Each finding is linked to the assets it affects, mapped to business risk, and ready to be prioritized for remediation.

Full list provided here:

  • Insufficient Global Security Update Policy or Mechanism

  • Weak Password Policy

  • Unauthenticated Sensitive Information Disclosure

  • Active Default Administration Account

  • Subdomains are Susceptible to Subdomain Takeover

  • Servers can be Abused for DDoS Amplification Attacks

  • Weak Cryptographic Algorithms

  • Weak Authentication Mechanism

  • Usage of Outdated and Vulnerable Protocols

  • Sensitive Business Information Disclosure

  • Direct Database Access Via SQL Injection

  • Untrusted Server Certificates

  • Usage of Outdated and Vulnerable Technologies

  • No Malicious Code Detection Capabilities

  • Insufficient Access Control Governance and Segregation of Duties

  • Anonymous Access to Sensitive Interfaces

  • Reflected Cross-Site Scripting

  • Local File Inclusion

  • Source Code Disclosure

  • XPath Injection

  • Buffer Overflow

  • Parameter Pollution

  • Persistent Cross-Site Scripting

  • Insecure HTTP Methods are Enabled

  • Sensitive Files Disclosure

  • OS Command Injection

  • Authorization Bypass

  • Privileged Accounts Governance and Hardening Strategy is Lacking


7. Editing or Deleting the Integration

Editing the integration

If the organization needs to update the integration's API key because of permission changes or key rotation, it can do so by editing the integration details.

  • Go to the Rapid7 InsightVM Cloud integration in Hyver.

  • Click Edit Integration, update the details, and click Save.


Deleting the integration

When you delete an integration, the connection is terminated immediately. No new data will be ingested, but all previously collected data remains available in Hyver.

If you do want to delete an integration:

  • Click Delete Integration and confirm the action.


Wrap-up

In this article, we explored how to integrate Rapid7 InsightVM Cloud with Hyver. We reviewed the prerequisites and installation requirements, walked through the setup workflow, and explained how to edit or delete the integration. Finally, we covered how Rapid7 findings are ingested into Hyver and mapped to business risk, enabling smarter prioritization and remediation.
